<?php
include_once('./system/dbConn.php');
//连接数据
connect();
session_start();
$u=$_SESSION["user"];
$oldpswd=$_POST["old"];
$newpswd1=$_POST["new1"];
$newpswd2=$_POST["new2"];
$sql0="select * from users where uname='$u'";
$rs=mysql_query($sql0);
$row=mysql_fetch_assoc($rs);
if(strcmp($row["password"],$oldpswd)!=0)
{
header("location:index.php?re3=1&msg3=修改失败，原密码不正确，请重新填写");
}else
if(strcmp($newpswd1,$newpswd2)!=0)
{
header("location:index.php?re4=1&msg4=修改失败，新密码和确认密码不一致，请重新填
写");}else{
$sql="update users set password='$newpswd1' where uname='$u'";
$rs=mysql_query($sql);
if($rs==1)
header("location:index.php?re5=1&msg5=修改成功，请点击关闭按钮返回首页");
else
{echo "<h2>密码修改失败，3 秒后返回网站首页<h2>";
header('Refresh: 3; url=index.php');
}
}
?>